Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

netbuzz (955038) writes "A band called netcat is generating buzz in software circles by releasing its debut album as a Linux kernel module (among other more typical formats.) 'Are you ever listening to an album, and thinking "man, this sounds good, but I wish it crossed from user-space to kernel-space more often!" We got you covered,' the band says on its Facebook page. 'Our album is now fully playable as a loadable Linux kernel module.'"

CowboyRobot sends in an article about how Samsung's constantly shifting plans for its smartwatches are making it hard for developers to commit to building apps. Quoting:
"Samsung's first smartwatch, released in October last year, ran a modified version of Google's Android platform. The device had access to about 80 apps at launch, all of which were managed by a central smartphone app. Samsung offered developers an SDK for the Galaxy Gear so they could create more apps. Developers obliged. Then Samsung changed direction. Samsung announced a new series of smartwatches in February: the Gear 2, Gear 2 Neo, and Gear Fit. Unlike the first device, these three run Samsung’s Tizen platform. ... This week, Samsung made things even more interesting. Speaking to Reuters, Yoon Han-kil, senior vice president of Samsung’s product strategy team, said the company is working on a watch that will use Google’s Android Wear platform. In other words, Samsung will bring three different watches to market with three different operating systems in under a year."

This is an interview with Graham Morrison, who is one of four people behind the shiny-new Linux Voice magazine, which is printed on (gasp) paper. Yes, paper, even though it's 2014 and a lot of people believe the idea of publishing a physical newspaper or magazine is dead. But, Graham says, when you have a tight community (like Linux users and developers) you have an opportunity to make a successful magazine for that community. This is a crowdfunded venture, through Indiegogo, where they hoped to raise £90,000 -- but ended up with £127,603, which is approximately $214,288 as of this video's publishing date. So they have a little capital to work with. Also note: these are not publishing neophytes. All four of the main people behind Linux Voice used to work on the well-regarded Linux Format magazine. Graham says they're getting subscribers and newsstand sales at a healthy rate, so they're happily optimistic about their magazine's future. (Here's an alternate video link)

An anonymous reader writes with this announcement: "Ubuntu Linux version 14.04 LTS (code named "Trusty Tahr") has been released and available for download. This updated version includes the Linux kernel v3.13.0-24.46, Python 3.4, Xen 4.4, Libreoffice 4.2.3, MySQL 5.6/MariaDB 5.5, Apache 2.4, PHP 5.5, improvements to AppArmor allow more fine-grained control over application, and more. The latest release of Ubuntu Server is heavily focused on supporting cloud and scale-out computing platforms such as OpenStack, Docker, and more. As part of the wider Ubuntu 14.04 release efforts the Ubuntu Touch team is proud to make the latest and greatest touch experience available to our enthusiast users and developers. You can install Ubuntu on Nexus 4 Phone (mako), Nexus 7 (2013) Tablet (flo), and Nexus 10 Tablet (manta) by following these instructions. On a hardware front, ARM multiplatform support has been added, enabling you to build a single ARM kernel image that can boot across multiple hardware platforms. Additionally, the ARM64 and Power architectures are now fully supported. See detailed release notes for more information. A quick upgrade to a newer version of Ubuntu is possible over the network."

Eben Moglen's FreedomBox concept (personal servers for everyone to enable private communication) is getting closer to being an easy-to-install reality: all packages needed for FreedomBox are now in Debian's unstable branch, and should be migrating to testing in a week or two. Quoting Petter Reinholdtsen: "Today, the last of the packages currently used by the project to created the system images were accepted into Debian Unstable. It was the freedombox-setup package, which is used to configure the images during build and on the first boot. Now all one need to get going is the build code from the freedom-maker git repository and packages from Debian. And once the freedombox-setup package enter testing, we can build everything directly from Debian. :)
Some key packages used by Freedombox are freedombox-setup, plinth, pagekite, tor, privoxy, owncloud, and dnsmasq. There are plans to integrate more packages into the setup. User documentation is maintained on the Debian wiki."
You can create your own image with only three commands, at least if you have a DreamPlug or Raspberry Pi (you could also help port it to other platforms).

The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"

An anonymous reader writes "The Linux 3.15 kernel now in its early life will be able to suspend and resume much faster than previous versions of the Linux kernel. A few days ago we saw ACPI and Power Management updates that enable asynchronous threads for more suspend and resume callbacks. Carrying out more async operations leads to reduced time for the system suspend and then resuming. According to one developer, it was about an 80% time savings within one of the phases. On Friday, work was merged that ensured the kernel is no longer blocked by waiting for ATA devices to resume. Multiple ATA devices can be woken up simultaneously, and any ATA commands for the device(s) will be queued until they have powered up. According to an 01.org blog post on the ATA/SCSI resume optimization patches, when tested on three Intel Linux systems the resume time was between 7x and 12x faster (not including the latest ACPI/PM S&R optimizations)."

An anonymous reader writes "Recently my boss has asked me about the advantages of Linux as a desktop operating system and if it would be a good idea to install it instead of upgrading to Windows 7 or 8. About ten boxes here are still running Windows XP and would be too old to upgrade to any newer version of Windows. He knows that i am using Linux at work on quite outdated hardware (would have gotten a new PC but never requested new hardware — Linux Mint x64 runs quite well on it) and i always managed to get my stuff done with it. I explained to him that there are no licensing issues with Linux, there is no anti-virus software to deal with and that Linux is generally a bit more efficient on old hardware than operating systems from Microsoft. The boss seems interested." But that's not quite the end; read on for this reader's question.

You've probably heard Jono Bacon speak at a Linux or Open Source conference. Or maybe you've heard one of his podcasts or read something he's written in his job as Ubuntu's community manager or even, perhaps, read The Art of Community, which is Jono's well-regarded book about building online communities. Jono also wrote and performed the heavy metal version of Richard M. Stallman's infamous composition, The Free Software Song. An excerpt from the Jono version kicks off our interview, and the complete piece (about two minutes long) closes the video. Please note that this video is a casual talk with Jono Bacon, the person, rather than a talk with the "official" Ubuntu Jono Bacon. So please, pull up a chair, lean back, and join us. (Alternate Video Link)

According to an article at Ars Technica, a major security bug faces Linux users, akin to the one recently found in Apple's iOS (and which Apple has since fixed). Says the article:"The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical 'goto fail' flaw that for months put users of Apple's iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug." And while Apple can readily fix a bug in its own software, at least for users who keep up on patches, "Linux" refers to a broad range of systems and vendors, rather than a single company, and the affected systems include some of the biggest names in the Linux world, like Red Hat, Debian, and Ubuntu.

An anonymous reader writes "Linux kernel developers are currently evaluating the possibility of using QR codes to display kernel oops/panic messages. Right now a lot of text is dumped to the screen when a kernel oops occurs, most of which isn't easily archivable by normal Linux end-users. With QR codes as Linux oops messages, a smart-phone could capture the display and either report the error string or redirect them to an error page on Kernel.org. The idea of using QR codes within the Linux kernel is still being discussed by upstream developers."

A few months back, we posted a video interview with some of the folks behind the Linux-friendly, x86-based MinnowBoard. TechCrunch reports the release of a more powerful version of the same all-in-one computer, now with a 1.91GHz Atom E3845 processor. According to the linked article, "The board's schematics are also available for download and the Intel graphics chipset has open-source drivers so hackers can have their way with the board. While it doesn’t compete directly with the Raspberry Pi – the Pi is more an educational tool and already has a robust ecosystem – it is a way for DIYers to mess around in x86 architected systems as well as save a bit of cash. The system uses break-out boards called Lures to expand functionality."

An anonymous reader writes "I am a new Linux user; I'm on 2nd day now. Currently I am trying out Ubuntu, but that could change. I am looking for a user friendly firewall that I can set up that lets me do these things:1) set up a default deny rule 2) carve out exceptions for these programs: browser, email client, chat client, yum and/or apt. 3) carve out exceptions to the exceptions in requirement 2 — i.e. I want to be able to then block off IPs and IP ranges known to be used by malware, marketers, etc., and all protocols which aren't needed for requirement 2. It also needs to have good enough documentation that a beginner like me can figure it out. Previously, I had done all of the above in AVG Firewall on Windows, and it was very easy to do. So far, I have tried these things:1) IPTABLES — it looked really easy to screw it up and then not notice that it's screwed up and/or not be able to fix it even if I did notice, so I tried other things at that point... 2) searched the internet and found various free firewalls such as Firestarter, GUFW, etc., which I weren't able to make meet my requirements. Can someone either point me to a firewall that meets my needs or else give me some hints on how to make firestarter or GUFW do what I need?"

New submitter FikseGTS (3604833) writes "A Tesla Model S owner located a 4 pin connector on the left side of the Tesla Model S dashboard that turns out to be a disguised ethernet networking port. After crafting his owns patch cable to connect with the Tesla's port, a networking connection was established between the Tesla Model S and a laptop computer. The Model S is running a 100 Mbps, full duplex ethernet network and 3 devices were found with assigned IP addresses in the 192.168.90.0 subnet. Some ports and services that were open on the devices were 22 (SSH), 23 (telnet),53 (open domain), 80 (HTTP), 111 (rpcbind), 2049 (NFS), 6000 (X11). Port 80 was serving up a web page with the image or media of the current song being played. The operating system is modified version of Ubuntu using an ext3 filesystem. Using X11 it also appears that someone was able to somewhat run Firefox on both of the Model S screens. Is a jailbroken Tesla Model S on the way?"
Some more details on this front would be appreciated, for anyone who has a Tesla they'd like to explore.

Bruce Perens is a computer programmer and one of the most important advocates for the open source community. He co-founded the Open Source Initiative with ESR and has worked towards reforms of national and international technology policies. He is an amateur radio enthusiast, and has pushed for open radio communication standards. He is also our interview guest today. As usual, ask as many questions as you'd like, but please, one per post.

DeviceGuru (1136715) writes "Intel and CircuitCo have revealed a smaller, faster, 2nd-gen MinnowBoard open SBC based on an Atom E3800 SoC and supported by both Android 4.4 and various standard Linux OSes. The MinnowBoard Max, which will ship in Q3 starting at $99, blows past the original MinnowBoard (Slashdot video) on price, performance, and energy consumption. The 3.9 x 2.9-inch Max's $99 starting price includes a 64-bit 1.46GHz Intel Atom E3815 (Bay Trail-T) CPU, 1GB RAM and 8GB SPI flash, and coastline ports for MicroSD, Micro-HDMI, GbE, dual USB, and SATA. Unlike the original MinnowBoard, the Max provides two expansion connectors: a low-speed header, with signals similar to the Arduino's Shield connector; and a high-speed connector, which can support mSATA and mini-PCIe sockets on expansion modules, among other interfaces. Although the Max's design supports CPUs up to Intel's quad-core 1.91GHz (10W TDP) E3845, only two choices shown initially at MinnowBoard.org, with the higher-end $129 model stepping up to a 1.33GHz dual-core E3825 plus 2GB RAM.."

An anonymous reader writes "The Linux 3.14 "Shuffling Zombie Juror" kernel has been released. Significant improvements to Linux 3.14 include the mainlining of SCHED_DEADLINE, stable support for Intel Broadwell CPU graphics, Xen PVH support, stable support for ZRAM, and many other additions. There's also a tentative feature list on KernelNewbies.org."

darthcamaro (735685) writes "Red Hat's open source oVirt project hit a major milestone this week with the release of version 3.4. It's got improved storage handling so users can mix and match different resource types, though the big new feature is one that seems painfully obvious. For the first time oVirt users can have the oVirt Manager and oVirt VMs on the same physical machine. 'So, typically, customers deployed the oVirt engine on a physical machine or on a virtual machine that wasn't managed or monitored,' Scott Herold, principal product manager for Red Hat Enterprise Virtualization said. 'The oVirt 3.4 release adds the ability for oVirt to self-host its engine, including monitoring and recovery of the virtual machine.'"
(Wikipedia describes oVirt as "a free platform virtualization management web application community project.")

dotancohen (1015143) writes "It is commonly said that open source software is preferable because if you need something changed, you can change it yourself. Well, I am not an Xorg developer and I cannot maintain a separate Xorg fork. Xorg version 1.13.1 introduced a bug which breaks the "Sticky Keys" accessibility option. Thus, handicapped users who rely on the feature cannot use Xorg-based systems with the affected versions and are stuck on older software versions. Though all pre-bug Linux distros are soon scheduled for retirement, there seems to be no fix in sight. Should disabled users stick with outdated, vulnerable, and unsupported Linux distros or should we move to OS-X / Windows?

The prospect of changing my OS, applications, and practices due to such an ostensibly small issue is frightening. Note that we are not discussing 'I don't like change' but rather 'this unintentional change is incompatible with my physical disability.' Thus this is not a case of every change breaks someone's workflow."

An anonymous reader writes "My eastern European tech-support job will be outsourced in 6 months to a nearby country. I do not wish to move, having relationship and roots here, and as such I stand at a crossroads. I could take my current hobby more seriously and focus on Java development. I have no degree, no professional experience in the field, and as such, I do not hold much market value for an employer. However, I find joy in the creative problem solving that programming provides. Seeing the cogs finally turn after hours invested gives me pleasures my mundane work could never do. The second option is Linux system administration with a specialization in VMware virtualisation. I have no certificates, but I have been around enterprise environments (with limited support of VMware) for 21 months now, so at the end of my contract with 27 months under my belt, I could convince a company to hire me based on willingness to learn and improve. All the literature is freely available, and I've been playing with VDIs in Debian already.

My situation is as follows: all living expenses except food, luxuries and entertainment is covered by the wage of my girlfriend. That would leave me in a situation where we would be financially alright, but not well off, if I were to earn significantly less than I do now. I am convinced that I would be able to make it in system administration, however, that is not my passion. I am at an age where children are not a concern, and risks seem to be, at first sight, easier to take. I would like to hear the opinion and experience of fellow readers who might have been in a similar situation."

An anonymous reader writes "AMD privately shared with Phoronix during GDC2014 that they're developing a new Linux driver model. While there will still be an open (Gallium3D) and closed-source (Catalyst) driver, the Catalyst driver will be much smaller. AMD developers are trying to isolate the closed-source portion of the driver to just user-space while the kernel driver that's in the mainline Linux kernel would also be used by Catalyst. It's not clear if this will ultimately work but they hope it will for reducing code duplication, eliminating fragmentation with different kernels, and allowing open and closed-source driver developers to better collaborate over the AMD Radeon Linux kernel driver."

darthcamaro (735685) writes "Docker has become one of the most hyped open-source projects in recent years, making it hard to believe the project only started one year ago. In that one year, Docker has now gained the support of Red Hat and other major Linux vendors. What does the future hold for Docker? Will it overtake other forms of virtualization or will it just be a curiosity?"

alphadogg writes "Web servers running a long-outdated version of the Linux kernel were attacked with dramatic speed over two days last week, according to Cisco Systems. All the affected servers were running the 2.6 version, first released in December 2003. 'When attackers discover a vulnerability in the system, they can exploit it at their whim without fear of it being remedied,' Cisco said. After the Web server has been compromised, the attackers slip in a line of JavaScript to other JavaScript files within the website. That code bounces the website's visitors to a second compromised host. 'The two-stage process allows attackers to serve up a variety of malicious content to the visitor,' according to Cisco."

Dega704 sends this news from ComputerWorld:
"Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles. Pushing them in that direction apparently is Microsoft's decision to end support for Windows XP on April 8, said David Tente, executive director, USA, of the ATM Industry Association. 'There is some heartburn in the industry' over Microsoft's end-of-support decision, Tente said. ATM operators would like to be able to synchronize their hardware and software upgrade cycles. But that's hard to do with Microsoft dictating the software upgrade timetable. As a result, 'some are looking at the possibility of using a non-Microsoft operating system to synch up their hardware and software upgrades,' Tente said."

Via Bits from Debian, comes news that the security team is considering adding a Long Term Support suite for Squeeze (Debian 6) after Jessie (Debian 8) is released sometime next year. From the mailing list post:
"At the moment it seems likely that an extended security support
timespan for squeeze is possible. The plan is to go ahead, sort out
the details as as it happens, and see how this works out and whether
it is going to be continued with wheezy.
The rough draft is that updates will be delivered via a separate
suite (e.g. squeeze-lts), where everyone in the Debian keyring can
upload in order to minimise bottlenecks and allow contributions by
all interested parties. Some packages will be exempted upfront due
to their volatile nature (e.g. some web applications) and others
might be expected to see important changes. The LTS suite will be
limited to amd64 and i386. The exact procedures will be sorted out
soon and announced in a separate mail. ... It needs to be pointed out that for this effort to be sustainable
actual contributions by interested parties are required. squeeze-lts
is not something that will magically fall from the sky. If you're
dependent/interested in extended security support you should make an
effort to contribute."
If successful, the LTS idea would possibly be carried over to Wheezy. With all of the changes coming in Jessie and its aggressive release schedule, this sysadmin really likes the idea of having a bit more breathing room for updating infrastructure between releases. The email also contains a bunch of other info on changes coming to the security process.

In related news, the Debian Installer team announced the first alpha of debian-installer for Jessie. Just the installer, not the distro as a whole (Jessie will be frozen in November). XFCE remains the default desktop, ia64 was kicked out of the archive, and a few new ARM variants are supported.

New submitter dalias (1978986) writes "The musl libc project has released version 1.0, the result of three years of development and testing. Musl is a lightweight, fast, simple, MIT-licensed, correctness-oriented alternative to the GNU C library (glibc), uClibc, or Android's Bionic. At this point musl provides all mandatory C99 and POSIX interfaces (plus a lot of widely-used extensions), and well over 5000 packages are known to build successfully against musl.

An anonymous reader writes "OpenSUSE has shared features coming to their 13.2 release in November. The big feature is using Btrfs by default instead of EXT4. OpenSUSE is committed to Btrfs and, surprisingly, they are the first major Linux distribution to use it by default. But then again, they were also big ReiserFS fans. Other planned OpenSUSE 13.2 features are Wayland 1.4, KDE Frameworks 5, and a new Qt5 front-end to YaST."

wiredmikey writes "Security researchers from ESET have uncovered a widespread attack campaign that has infected more than 25,000 Linux and UNIX servers around the world. The servers are being hijacked by a backdoor Trojan as part of a campaign the researchers are calling 'Operation Windigo.' Once infected, victimized systems are leveraged to steal credentials, redirected web traffic to malicious sites and send as many as 35 million spam messages a day. 'Windigo has been gathering strength, largely unnoticed by the security community, for more than two and a half years and currently has 10,000 servers under its control,' said Pierre-Marc Bureau, security intelligence program manager at ESET, in a statement.

There are many misconceptions around Linux security, and attacks are not something only Windows users need to worry about. The main threats facing Linux systems aren't zero-day vulnerabilities or malware, but things such as Trojanized applications, PHP backdoors, and malicious login attempts over SSH. ESET recommends webmasters and system administrators check their systems to see if they are compromised, and has published a detailed report presenting the findings and instructions on how to remove the malicious code if it is present."

jones_supa writes "More great news for Linux gamers: following the footsteps of Steam, GOG.com is preparing delivery of Linux games. They expect to start doing so this autumn. The officially supported distributions will be Ubuntu and Mint. Right now, they are performing testing on various configurations, training up their teams on Linux-speak, and generally preparing for the rollout of at least 100 titles — DRM-free, as usual. This will update some of the catalog's existing games with a Linux port and bring new ones to the collection. Further information on specific games is yet not known, but GOG invites fans and customers to their community wishlist for discussion."

probain was the first to submit news that Crytek has officially announced the port of their CRYENGINE game engine to Linux and will be demoing it at the Game Developers Conference next week. Quoting: "During presentations and hands-on demos at Crytek's GDC booth, attendees can see for the first time ever full native Linux support in the new CRYENGINE. The CRYENGINE all-in-one game engine is also updated with the innovative features used to recreate the stunning Roman Empire seen in Ryse – including the brand new Physically Based Shading render pipeline, which uses real-world physics simulation to create amazingly realistic lighting and materials in CRYENGINE games."

theodp writes "Android is free and open," reiterated Google Android Chief Andy Rubin in 2010 as Microsoft launched Windows Phone 7. Rubin added, 'Competition is good for the consumer and if somebody has an idea for a feature or a piece of functionality in their platform and Android doesn't do it, great. I think it's good to have the benefit of choice, but in the end I don't think the world needs another platform.' But now, CNET and Digitimes report that Google is holding up the Asus Transformer Book Duet TD300 (specs), a laptop-tablet hybrid that can instantly switch between Android and Windows 8.1. A source familiar with the Asus Duet told CNET that Google is the one that has not favored the idea, while Microsoft has not, to date, been actively opposed to the idea. 'If true,' reports Apple Insider, 'it may not be the first time Google has helped to quash such a product.' South Korean electronics giant Samsung quietly canceled plans for its hybrid Ativ Q tablet last year, and Digitimes notes that Asus may not be the only company to bow to Google's wishes."

kc123 writes "Earlier this week, The Linux Foundation announced that it would be working with edX, a non-profit online learning site governed by Harvard and MIT, to make its "Introduction to Linux" course free and open to all. The Linux Foundation has long offered a wide variety of training courses through its website, but those can generally cost upwards of $2,000. This introductory class, which usually costs $2,400, will be the first from the Linux Foundation to run as a Massive Open Online Course (MOOC)."

jones_supa writes "Valve has recently released Portal 2 on Steam for Linux and opened a GitHub entry to gather all the bugs from the community. When one of the Valve developers closed a bug related to Portal 2recommending that the users disable a security feature, the Linux community reacted. A crash is caused by the game's interaction with SELinux, the Linux kernel subsystem that deals with access control security policies. Portal 2 uses the third-party Miles Sound System MP3 decoder which, in turn, uses execheap, a feature that is normally disabled by SELinux. Like its name suggests, execheap allows a program to map a part of the memory so that it is both writable and executable. This could be a problem if someone chose to use that particular memory section for buffer overflow attacks; that would eventually permit the hacker to gain access to the system by running code. In the end, Valve developer David W. took responsibility of the problem: 'I apologize for the mis-communication: Some underlying infrastructure our games rely on is incompatible with SELinux. We are hoping to correct this. Of course closing this bug isn't appropriate and I am re-opening it.' This is more of an upstream problem for Valve. It's not something that they can fix directly, and most likely they will have to talk with the Miles developers and try to repair the problem from that direction."

First time accepted submitter BlazeMiskulin writes "With XP approaching end-of-life, I find myself in a situation that I'm guessing is common: What to do with Mom's machine (or 'grandma's machine' for the younger of you). Since a change has to be made, this seems like a good time to move to a Linux distro. My mother (82) uses her computer for e-mail and web-browsing only. I know that any distro will be able to handle her needs. I've been using Linux (Ubuntu, CentOS, and Redhat--usually with KDE interface) for about 10 years now, but I know that my preferences are quite different from hers.

I have my own ideas, but I'm curious what others think: What combination of distro and UI would you recommend for an old, basic-level user who is accustomed to the XP interface and adverse to change?"
My Grandmother seems happy running KDE on Debian.

New submitter williamyf writes "According to this article at Ars Technica, '[A] bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.' The coding error may have been present since 2005."

An anonymous reader writes "Citing 'code we consider to be permanently "experimental" or "beta,"' Google Chrome engineers have no plans on enabling video acceleration in the Chrome/Chromium web browser. Code has been written but is permanently disabled by default because 'supporting GPU features on Linux is a nightmare' due to the reported sub-par quality of Linux GPU drivers and many different Linux distributions. Even coming up with a Linux GPU video acceleration white-list has been shot down over fear of the Linux video acceleration code causing stability issues and problems for Chrome developers. What have been your recent experiences with Linux GPU drivers?"

sfcrazy writes "Linux is on a roll. After conquering the smartphone space, Android is now dominating the tablet space. According to a new study by Gartner, 'the tablet growth in 2013 was fueled by the low-end smaller screen tablet market, and first time buyers; this led Android to become the No. 1 tablet operating system (OS), with 62 percent of the market.'"
Also, everyone is buying tablets.(~200 million sold in 2013 vs ~115 million in 2012). Microsoft still only has 2% of the tablet market.

Via Phoronix comes news that Debian has been ported to the OpenRISC architecture by Christian Svensson. Quoting his mailing list post:
"Some people know that I've been working on porting Glibc and doing some
toolchain work. My evil master plan was to make a Debian port, and today
I'm a happy hacker indeed! ... If anyone want to try this on real hardware (would be very cool to see how
this runs IRL), ping me on IRC [#openrisc on freenode] and I'll set you up with instructions how to
use debootstrap - just point to a repo with the debs and you're all set,
the wonders of binary distributions."
For those who don't know, OpenRISC is the completely open source RISC processor intended as the crown jewel of the Opencores project. A working port of glibc and a GNU/Linux distribution is a huge step toward making use of OpenRISC practical. There's a screencast of the system in action, and source on Github (at posting time, it was a month out of date from the looks of it). Christian Svensson's Github account also has repos for the rest of the toolchain.

Eloquence writes "Pitivi is perhaps the most mature, stable and actually usable open source video editor out there. They're now looking to raise funds to support the project's ongoing development. The lack of decent open source video editors has been one of the things keeping people locked into proprietary platforms, and video editing has been identified as a high priority project by the Free Software Foundation. 2014 may still not be the fabled year of the Linux desktop, but here's hoping it'll be the year of open source video editing." Work continues as well on the crowdfunded transition to cross-platform, open-source video editing with OpenShot, and developer Jonathan Thomas is presenting the work done so far at SCALE this weekend.

An anonymous reader writes "Sailfish, the Linux-based mobile operating system developed by Finnish devicemaker Jolla, has reached version 1.0. Sailfish arose from the ashes of several failed and interrupted projects to bring a new, major Linux-based platform to mobile devices. It's already running on phones sold in India and Russia, but more importantly, Sailfish was designed to be easily ported to existing Android devices. It's also built to support many Android apps. Jolla will begin providing complete firmware downloads during the first half of the year."

In addition to sponsoring the work of Linus Torvalds, The Linux Foundation supports and promotes a wide variety of resources and services for Linux. Their recently released 2014 Linux Jobs Report surveyed more than 1,000 managers and corporations, finding in part, that the demand for "Linux Professionals" was up 70% from last year. Jim Zemlin is the Executive Director of the Linux Foundation and he has agreed to answer any questions that you have about the report and the state of Linux in general. As usual, ask as many as you'd like, but please, one question per post.

cold fjord writes with news that Red Flag Software, makers of China's Red Hat derivative Red Flag Linux, has halted operations. From the article: "Once the world's second-largest Linux distributor, Red Flag Software has shuttered reportedly due to mismanagement and after owing employees months in unpaid wages. China's state-funded answer to global software giants like Microsoft ... filed for liquidation over the weekend and terminated all employee contracts. Set up in late-1999 amid the dot-com boom, Red Flag was touted as an alternative to Windows ... It thrived in the early days, inking deals with partners such as Oracle and Dell which products were certified to support and shipped with Red Flag Software. The Beijing-based vendor was primarily funded by the Chinese Academy of Sciences' Institute of Software Research, and later received additional funding from state-owned Shanghai NewMargin Venture Capital and the Ministry of Information Industry's VC arm ... 'A lack of brand awareness and sustained investments, coupled with the rise of rivals including Red Hat Enterprise Linux and SuSE Linux Enterprise, led to its downfall,' Eric Peng, Beijing-based research manager with IDC, said ... Peng noted that, during its hey days, Red Flag had enjoyed high adoption among government agencies, state-owned organizations, and schools.""

Probably -- if the device I want supports itProbably -- if it works as promisedProbably -- credit cards will be like checks in another decadeNot sure -- no strong opinions either wayDoubtful -- not a useful technology to meDoubtful -- it will be too fragmentedDoubtful -- privacy/security concernsDoes throwing my spare change at the cashier count as mobile?